Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/szdIRRHo0Yp04SSIbmFUKnYQowE.roa
File: szdIRRHo0Yp04SSIbmFUKnYQowE.roa (raw, json)
Hash identifier: FOhUhIJKPAY6nfrDJwNLj778mdZ7NV//vzYkZqaqxn8=
Subject key identifier: B3:37:48:45:11:E8:D1:8A:74:E1:24:88:6E:61:54:2A:76:10:A3:01
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0183F66400CBAE504AFC9B0F3251A8EA2F6C
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/szdIRRHo0Yp04SSIbmFUKnYQowE.roa
Signing time: Thu 20 Oct 2022 17:14:52 +0000
ROA not before: Thu 20 Oct 2022 17:14:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 64.137.80.0/22 maxlen: 22
64.137.96.0/22 maxlen: 22
64.137.94.0/23 maxlen: 23
64.137.92.0/23 maxlen: 23
64.137.100.0/23 maxlen: 23
64.137.14.0/23 maxlen: 23
64.137.18.0/23 maxlen: 23
104.249.29.0/24 maxlen: 24
104.143.232.0/21 maxlen: 21
64.137.42.0/23 maxlen: 23
104.143.240.0/22 maxlen: 22
64.137.48.0/23 maxlen: 23
64.137.58.0/23 maxlen: 23
64.137.60.0/22 maxlen: 22
104.238.0.0/22 maxlen: 22
104.233.0.0/21 maxlen: 21
64.137.10.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f6:64:00:cb:ae:50:4a:fc:9b:0f:32:51:a8:ea:2f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 20 17:14:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b337484511e8d18a74e124886e61542a7610a301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ce:43:ee:93:09:36:07:f6:6b:e2:43:69:f6:
cc:ef:15:db:24:e5:92:c2:93:39:88:53:22:d4:82:
bc:d0:8b:9f:bc:2c:b3:9f:73:6e:24:00:f6:a0:53:
bd:20:7f:da:38:fd:c2:07:1e:bd:c3:11:ff:b3:4b:
11:1c:e8:76:5d:09:70:95:54:ee:65:16:ed:a9:ae:
a9:49:83:61:5b:9e:4a:97:d2:2b:9a:05:d5:08:5e:
ed:0c:f6:e2:fe:4e:3e:28:0b:7c:67:72:e0:61:ab:
82:0e:38:57:60:84:40:11:50:56:88:52:25:a7:2b:
d2:6f:3e:ec:f8:ee:51:2f:8c:7a:35:64:3c:27:db:
59:78:cf:a6:82:1e:20:64:41:90:34:a5:1d:1f:a4:
0b:5c:e1:f8:8f:ae:de:58:01:70:d7:80:9b:0a:ec:
e1:e9:1d:1c:28:dd:5f:40:6e:d1:52:aa:4d:24:7b:
59:68:83:6a:15:0a:a1:da:f9:b8:90:3a:5f:b7:cd:
c4:64:d0:a4:15:0b:97:e6:f3:c8:ca:76:e5:89:18:
b3:35:d3:f0:9f:50:6f:a8:43:1a:03:11:c4:3f:5a:
27:e4:73:90:27:2d:7a:65:9a:bb:d7:dc:cb:7e:b7:
35:78:fa:c7:69:3f:69:14:81:a2:d6:de:4a:ec:33:
c2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:37:48:45:11:E8:D1:8A:74:E1:24:88:6E:61:54:2A:76:10:A3:01
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/szdIRRHo0Yp04SSIbmFUKnYQowE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.10.0/23
64.137.14.0/23
64.137.18.0/23
64.137.42.0/23
64.137.48.0/23
64.137.58.0-64.137.63.255
64.137.80.0/22
64.137.92.0-64.137.101.255
104.143.232.0-104.143.243.255
104.233.0.0/21
104.238.0.0/22
104.249.29.0/24
Signature Algorithm: sha256WithRSAEncryption
39:f3:0d:6e:39:47:96:e5:2d:95:f8:d2:c6:3d:76:ae:6c:ca:
70:cd:5f:15:e4:4d:9e:3d:1d:c5:ec:06:4e:44:60:d4:63:d2:
0a:41:17:7d:8a:9f:ed:8b:20:9e:ce:9d:1a:1f:d2:6a:29:af:
8a:00:33:5f:c7:00:7b:26:30:1f:f6:7b:50:0c:ce:cb:03:a3:
f3:44:20:b1:14:fd:80:33:d1:91:6d:34:d2:9b:53:50:81:71:
74:51:f1:42:ee:9f:9f:07:4f:d7:08:0b:a6:81:33:53:5c:03:
ab:8b:b7:2f:d0:8a:7e:00:cf:e6:26:88:29:65:d2:64:7b:fb:
be:30:16:60:7b:14:e2:e2:c5:d1:be:cf:4f:c3:10:ed:2e:40:
bf:dd:c0:e5:20:34:29:80:dd:6d:73:6a:63:5a:04:35:de:b4:
95:84:e3:d4:b8:e8:8c:a8:07:db:ee:21:e3:10:cb:3f:05:e1:
cd:89:df:86:e9:fa:97:c8:84:59:04:8c:86:49:ef:d5:c5:e4:
bc:de:35:cf:a4:e4:a7:a0:22:1e:8b:b0:48:1a:e7:bc:8f:10:
54:d3:d8:e3:7d:23:1b:84:39:18:94:56:79:6a:01:ef:2b:a8:
ac:09:98:aa:3a:d5:cc:12:0e:79:9d:3e:d5:05:26:fd:ae:b9:
50:5d:07:be
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYP2ZADLrlBK/JsPMlGo6i9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDIwMTcxNDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzM3NDg0NTExZThkMThhNzRlMTI0ODg2ZTYxNTQyYTc2MTBhMzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM5D7pMJNgf2a+JDafbM7xXbJOWS
wpM5iFMi1IK80IufvCyzn3NuJAD2oFO9IH/aOP3CBx69wxH/s0sRHOh2XQlwlVTu
ZRbtqa6pSYNhW55Kl9IrmgXVCF7tDPbi/k4+KAt8Z3LgYauCDjhXYIRAEVBWiFIl
pyvSbz7s+O5RL4x6NWQ8J9tZeM+mgh4gZEGQNKUdH6QLXOH4j67eWAFw14CbCuzh
6R0cKN1fQG7RUqpNJHtZaINqFQqh2vm4kDpft83EZNCkFQuX5vPIynbliRizNdPw
n1BvqEMaAxHEP1on5HOQJy16ZZq719zLfrc1ePrHaT9pFIGi1t5K7DPC0wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFLM3SEUR6NGKdOEkiG5hVCp2EKMBMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvc3pkSVJSSG8wWXAwNFNTSWJtRlVLbllRb3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBQIkKAwQB
QIkOAwQBQIkSAwQBQIkqAwQBQIkwMAwDBAFAiToDBAZAiQADBAJAiVAwDAMEAkCJ
XAMEAUCJZDAMAwQDaI/oAwQCaI/wAwQDaOkAAwQCaO4AAwQAaPkdMA0GCSqGSIb3
DQEBCwUAA4IBAQA58w1uOUeW5S2V+NLGPXaubMpwzV8V5E2ePR3F7AZORGDUY9IK
QRd9ip/tiyCezp0aH9JqKa+KADNfxwB7JjAf9ntQDM7LA6PzRCCxFP2AM9GRbTTS
m1NQgXF0UfFC7p+fB0/XCAumgTNTXAOri7cv0Ip+AM/mJogpZdJke/u+MBZgexTi
4sXRvs9PwxDtLkC/3cDlIDQpgN1tc2pjWgQ13rSVhOPUuOiMqAfb7iHjEMs/BeHN
id+G6fqXyIRZBIyGSe/VxeS83jXPpOSnoCIei7BIGue8jxBU09jjfSMbhDkYlFZ5
agHvK6isCZiqOtXMEg55nT7VBSb9rrlQXQe+
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:57 2023 by rpki-client on console-fra.rpki-client.org